Comment 9 for bug 1688137
Revision history for this message
| Lance Bragstad (lbragstad) wrote Re: Attacker may use PCI-DSS 8.1.6 and 8.1.7 to lock out users indefinitely | #9 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
9199653
demo site
(Get the code!)
I think our first course action is to implement Morgan's suggestion, where user information is only emitted if the password is correct.